Package: libssh / 0.4.5-3+squeeze3

Metadata

Package Version Patches format
libssh 0.4.5-3+squeeze3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 socket.c Fixed setting max_fd which breaks ssh_selec.patch | (download)

libssh/socket.c | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

 [patch] socket.c: fixed setting max_fd which breaks ssh_select().

Signed-off-by: Andreas Schneider <asn@cynapses.org>

0002 socket Fixed uninitialized fd revents member.patch | (download)

libssh/socket.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 socket: fixed uninitialized fd->revents member.

Signed-off-by: Vic Lee <llyzs@163.com>

CVE 2012 4559.patch | (download)

libssh/agent.c | 2 2 + 0 - 0 !
libssh/channels.c | 2 1 + 1 - 0 !
libssh/sftp.c | 27 17 + 10 - 0 !
3 files changed, 20 insertions(+), 11 deletions(-)

 fix double free that could lead to denial of service or code execution (cve-2012-4559)
CVE 2012 4561.patch | (download)

libssh/keyfiles.c | 12 6 + 6 - 0 !
libssh/keys.c | 5 5 + 0 - 0 !
2 files changed, 11 insertions(+), 6 deletions(-)

 fix invalid free that could lead to denial of service or code execution (cve-2012-4561)
CVE 2012 4562.patch | (download)

libssh/buffer.c | 31 23 + 8 - 0 !
libssh/dh.c | 4 4 + 0 - 0 !
libssh/string.c | 25 20 + 5 - 0 !
3 files changed, 47 insertions(+), 13 deletions(-)

 fix buffer overflows that could lead to denial of service or code execution (cve-2012-4561)
CVE 2014 0017.patch | (download)

include/libssh/wrapper.h | 1 1 + 0 - 0 !
libssh/server.c | 3 2 + 1 - 0 !
libssh/wrapper.c | 12 12 + 0 - 0 !
3 files changed, 15 insertions(+), 1 deletion(-)

 security: fix for vulnerability cve-2014-0017
CVE 2016 0739.patch | (download)

libssh/dh.c | 12 8 + 4 - 0 !
1 file changed, 8 insertions(+), 4 deletions(-)

 libssh: bits/bytes confuson resulting in truncated difffie-hellman secret length

[benh: Backported to squeeze: only key exchange type is DH group 1 SHA-1]